Jump to content

Search the Community

Showing results for tags 'command'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 18 results

  1. A command injection is a class of vulnerabilities where the attacker can control one or multiple commands that are being executed on a system. This post will go over the impact, how to test for it, defeating mitigations, and caveats. Before diving into command injections, let’s get something out of the way: a command injection is not the same as a remote code execution (RCE). The difference is that with an RCE, actual programming code is executed, whereas with a command injection, it’s an (OS) command being executed. In terms of possible impact, this is a minor difference, but the key
  2. America takes photobombing REALLY seriously Medieval butcher bastards ISIS are adept at using the web to lure Western followers to their warped cause – but the internet can turn around and bite back. Air Force General Hawk Carlisle, head of US Air Combat Command, told a conference that analysts at the 361st Intelligence, Surveillance and Reconnaissance Group spotted a selfie snapped and posted online by an ISIS fighter standing outside a command-and-control building in the Mid East. "The [airmen are] combing through social media and they see some moron standing at this command," Carlisle said
  3. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initialize(info = {}) super(update_info(info, 'Name' => 'D-Link Devices HNAP SOAPAction-Header Command Execution', 'Description' => %q{ Different D-Link Routers are vulnerable to OS command injection in the HNAP SOAP interface. Since it is a bli
  4. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initialize(info = {}) super(update_info(info, 'Name' => 'D-Link Devices UPnP SOAPAction-Header Command Execution', 'Description' => %q{ Different D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a bli
  5. ------------------------------------------------------------------------ Command injection vulnerability in Synology Photo Station ------------------------------------------------------------------------ Han Sahin, May 2015 ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A command injection vulnerability was found in Synology Photo Station, which allows an attacker to execute arbitrary commands with the privileges of the webserver. An attacker can use this vulnerability to compromise a S
  6. 1) Boot from the Windows Server 2012 ISO 2) At Windows Setup menu, click Next 3) Chose Repair your computer 4) On Choose and option click Troubleshoot 5) Under Advanced options click Command Prompt Now on command prompt, run commands: d: cd windows\system32 ren Utilman.exe Utilman.exe.old copy cmd.exe Utilman.exe 6) Close command prompt and click “Continue”. 7) Server will now boot and present the logon screen. Here press Windows Key + U 8) In prompt you can now change the password typing the command: net user administrator Password This will set the password for Administrator to Passwor
  7. __ ___ ___ ___ ___ ___ ___ /\_\ __ _ /'___\ / __`\ /' __` __`\ /' __` __`\/\ \ /\ \/'\ /\ \__//\ \L\ \/\ \/\ \/\ \/\ \/\ \/\ \ \ \\/> </ \ \____\ \____/\ \_\ \_\ \_\ \_\ \_\ \_\ \_\/\_/\_\ \/____/\/___/ \/_/\/_/\/_/\/_/\/_/\/_/\/_/\//\/_/ { v0.1b } +-- Automated All-in-One OS Command Injection and Exploitation Tool Copyright © 2015 Anastasios Stasinopoulos (@ancst) +-- General Information Commix (short for [comm]and njection e[x]ploiter) has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web
  8. #!/usr/bin/python import BaseHTTPServer, sys, socket ## # Acunetix OLE Automation Array Remote Code Execution # # Author: Naser Farhadi # Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 # # Date: 27 Mar 2015 # Version: <=9.5 # Tested on: Windows 7 # Description: Acunetix Login Sequence Recorder (lsr.exe) Uses CoCreateInstance API From Ole32.dll To Record # Target Login Sequence # Exploit Based on MS14-064 CVE2014-6332 http://www.exploit-db.com/exploits/35229/ # This Python Script Will Start A Sample HTTP Server On Your Machine And Serves Exploit Code And # Metasploit window
  9. Citrix NITRO SDK Command Injection ------------------------------------------------------------------------ Command injection vulnerability in Citrix NITRO SDK xen_hotfix page ------------------------------------------------------------------------ Han Sahin, August 2014 ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ Securify discovered a command injection vulnerability in xen_hotfix page of the NITRO SDK. The attacker-supplied command is executed with elevated privileges (nsroot). Thi
  10. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::Remote::SMB::Server::Share include Msf::Exploit::EXE def initialize(info={}) super(update_info(info, 'Name' => 'HP Data Protector 8.10 Remote Command Execution', 'Description' => %q{ This module exploits a remote command execution on HP Data Protector 8.10. Arbit
  11. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp include Msf::Exploit::Remote::SMB::Server::Share include Msf::Exploit::EXE def initialize(info={}) super(update_info(info, 'Name' => 'HP Data Protector 8.10 Remote Command Execution', 'Description' => %q{ This module exploits a remote command execution on HP Data Protector 8.10. Arbit
  12. Nytro

    Cmd.fm

    Command line https://cmd.fm/
  13. Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised. Changes: Various updates. Download Sourceforge: srm - secure file deletion for posix systems
  14. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'Arris VAP2500 tools_command.php Command Execution', 'Description' => %q{ Arris VAP2500 access points are vulnerable to OS command injection in the web management portal via the tools_command.php page. Though authentication
  15. CONTENTS Introduction 4 Executive summary 4 1 The initial incident 5 2 Analysis 6 2.1 Plug-in ................................................................................................................................................ 6 2.2 Origin.................................................................................................................................................. 9 2.3 Features............................................................................................................................................ 11 2.4 Setup ..................................
  16. Document Title: =============== Remote Desktop v0.9.4 Android - Multiple Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1413 Release Date: ============= 2015-01-20 Vulnerability Laboratory ID (VL-ID): ==================================== 1413 Common Vulnerability Scoring System: ==================================== 4.4 Product & Service Introduction: =============================== Remote Desktop brings order to your Droid. View and retrieve all the contents of your phone such as documents, photos, videos. All you nee
  17. Document Title: =============== VeryPhoto v3.0 iOS - Command Injection Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1401 Release Date: ============= 2015-01-13 Vulnerability Laboratory ID (VL-ID): ==================================== 1401 Common Vulnerability Scoring System: ==================================== 5.6 Product & Service Introduction: =============================== VeryPhoto Pro is your side of the most powerful local album management software that allows you to easily manage your massive photos, while g
  18. ~# shellhelp Ajax/PHP Command Shell © By Ironfist Version 0.7B The shell can be used by anyone to command any server, the main purpose was to create a shell that feels as dynamic as possible, is expandable and easy to understand. If one of the command execution functions work, the shell will function fine. Try the "canirun" command to check this. Any (not custom) command is a UNIX command, like ls, cat, rm ... If you're not used to these commands, google a little. Custom Functions If you want to add your own custom command in the Quick Commands list, check out the code. The $function arra
×
×
  • Create New...